From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 54CC4C433F5
	for <linux-kernel@archiver.kernel.org>; Sat,  6 Nov 2021 07:48:29 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 2C82B611EE
	for <linux-kernel@archiver.kernel.org>; Sat,  6 Nov 2021 07:48:29 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233840AbhKFHvH (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Sat, 6 Nov 2021 03:51:07 -0400
Received: from mail-il1-f197.google.com ([209.85.166.197]:34654 "EHLO
        mail-il1-f197.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232984AbhKFHvE (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 6 Nov 2021 03:51:04 -0400
Received: by mail-il1-f197.google.com with SMTP id d3-20020a056e02050300b0027578c6d9aaso205235ils.1
        for <linux-kernel@vger.kernel.org>; Sat, 06 Nov 2021 00:48:23 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:date:message-id:subject:from:to;
        bh=oP5cRQOPI+/xIs7PBFAffDqIDfQtcdvc+FI5GhoActE=;
        b=1gQSUqhMk0HdbhgvNa2QFmDNsUC+Un3vUy6I+0dt+3LdfzC/yVqro4I/XQTPR03F3Y
         DTP7zPAF3WClqEMHnnTR53df5xeKLIwbXahCus9UfEW8CfYlu3bUIBhGKFRo0lEKfkVk
         FSExioYhqzcWIk9XhGWjJbxcb0cUb2NrRtTu7kQTkFb/ACDSsWZpcVaxN51MScAAP/Mx
         qkhiDTxwj5FSIsUuQLakeCmFKId1dy3e0PuviJhJegeY/Lc0zPHqt/YcQ7jFWk+WJw7+
         7bMIGjXHjNh+ejtD4syBw7pviRBa/zRC2sSV/ptJw7tKkTIM9931Q6zAHbGUepTKjvLZ
         TX1w==
X-Gm-Message-State: AOAM531E+X9mJKPZVuDMlEZ51WEC+Q3XEXaLVMdeyVhd3MENuo4ZRNeA
        ZJvuqnost9RY1J7i/AROyQ2gBcRBnmQgY5Bje7kOsyR5qZV8
X-Google-Smtp-Source: ABdhPJylrY9XsExJLCxymLRH9d2h1+9A8blaWbJTnOik+nkPLR8JFW4dx/wIIi+2YhXhcZBV2EAQwERzv/I8RPfkLM3VptF3n7Cg
MIME-Version: 1.0
X-Received: by 2002:a05:6e02:219a:: with SMTP id j26mr36682087ila.287.1636184903236;
 Sat, 06 Nov 2021 00:48:23 -0700 (PDT)
Date:   Sat, 06 Nov 2021 00:48:23 -0700
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <000000000000f1c1fa05d019fb10@google.com>
Subject: [syzbot] kernel BUG in trans_pgd_create_copy
From:   syzbot <syzbot+a0d68c9c9123000ed5ab@syzkaller.appspotmail.com>
To:     catalin.marinas@arm.com, james.morse@arm.com,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        pasha.tatashin@soleen.com, syzkaller-bugs@googlegroups.com,
        will@kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hello,

syzbot found the following issue on:

HEAD commit:    d4439a1189f9 Merge tag 'hsi-for-5.16' of git://git.kernel...
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12b5f782b00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=8eccc5e89b1d525c
dashboard link: https://syzkaller.appspot.com/bug?extid=a0d68c9c9123000ed5ab
compiler:       aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.1
userspace arch: arm

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a0d68c9c9123000ed5ab@syzkaller.appspotmail.com

------------[ cut here ]------------
kernel BUG at arch/arm64/include/asm/pgalloc.h:79!
Internal error: Oops - BUG: 0 [#1] SMP
Modules linked in:
CPU: 0 PID: 12093 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller-10158-gd4439a1189f9 #0
Hardware name: linux,dummy-virt (DT)
pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : pmd_populate_kernel arch/arm64/include/asm/pgalloc.h:79 [inline]
pc : copy_pte arch/arm64/mm/trans_pgd.c:70 [inline]
pc : copy_pmd arch/arm64/mm/trans_pgd.c:105 [inline]
pc : copy_pud arch/arm64/mm/trans_pgd.c:141 [inline]
pc : copy_p4d arch/arm64/mm/trans_pgd.c:167 [inline]
pc : copy_page_tables arch/arm64/mm/trans_pgd.c:186 [inline]
pc : trans_pgd_create_copy+0x5bc/0x7f0 arch/arm64/mm/trans_pgd.c:213
lr : trans_alloc arch/arm64/mm/trans_pgd.c:30 [inline]
lr : copy_pte arch/arm64/mm/trans_pgd.c:67 [inline]
lr : copy_pmd arch/arm64/mm/trans_pgd.c:105 [inline]
lr : copy_pud arch/arm64/mm/trans_pgd.c:141 [inline]
lr : copy_p4d arch/arm64/mm/trans_pgd.c:167 [inline]
lr : copy_page_tables arch/arm64/mm/trans_pgd.c:186 [inline]
lr : trans_pgd_create_copy+0x480/0x7f0 arch/arm64/mm/trans_pgd.c:213
sp : ffff80001b977a60
x29: ffff80001b977a60 x28: 1fffe0000ffff000 x27: ffff800010059c90
x26: ffff00003fffffff x25: ffff000032476000 x24: dfff800000000000
x23: ffff000000200000 x22: ffff80001b977c30 x21: ffff000040000000
x20: ffff00007fff8000 x19: ffff000000000000 x18: fffffbffeff9c3c8
x17: 0000000000000000 x16: 0000000000000000 x15: d503201fd503201f
x14: 1ffff0000372ee30 x13: 0000000000000000 x12: ffff60000648f000
x11: 1fffe0000648efff x10: ffff60000648efff x9 : 0000000000000000
x8 : ffff000032478000 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 0000000000000000 x3 : 0000000000000004
x2 : fffffc0000000000 x1 : ffff800015f1e560 x0 : ffff000032477000
Call trace:
 set_p4d arch/arm64/include/asm/pgtable.h:695 [inline]
 __p4d_populate arch/arm64/include/asm/pgalloc.h:46 [inline]
 p4d_populate arch/arm64/include/asm/pgalloc.h:54 [inline]
 copy_pud arch/arm64/mm/trans_pgd.c:129 [inline]
 copy_p4d arch/arm64/mm/trans_pgd.c:167 [inline]
 copy_page_tables arch/arm64/mm/trans_pgd.c:186 [inline]
 trans_pgd_create_copy+0x5bc/0x7f0 arch/arm64/mm/trans_pgd.c:213
 machine_kexec_post_load+0x178/0x6d0 arch/arm64/kernel/machine_kexec.c:146
 do_kexec_load+0x194/0x520 kernel/kexec.c:155
 __do_compat_sys_kexec_load kernel/kexec.c:292 [inline]
 __se_compat_sys_kexec_load kernel/kexec.c:257 [inline]
 __arm64_compat_sys_kexec_load+0x36c/0x47c kernel/kexec.c:257
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0xc4/0x254 arch/arm64/kernel/syscall.c:142
 do_el0_svc_compat+0x40/0x80 arch/arm64/kernel/syscall.c:187
 el0_svc_compat+0x64/0x280 arch/arm64/kernel/entry-common.c:736
 el0t_32_sync_handler+0x90/0x140 arch/arm64/kernel/entry-common.c:746
 el0t_32_sync+0x1a4/0x1a8 arch/arm64/kernel/entry.S:577
Code: 17fffee0 aa1503e0 97ffdd37 17ffff17 (d4210000) 
---[ end trace a6c0112af29130b0 ]---


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=nE+e=PZ=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6A9A1C433F5
	for <linux-arm-kernel@archiver.kernel.org>; Sat,  6 Nov 2021 07:50:12 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 29084611EE
	for <linux-arm-kernel@archiver.kernel.org>; Sat,  6 Nov 2021 07:50:12 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 29084611EE
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:To:From:Subject:Message-ID:Date:
	MIME-Version:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
	References:List-Owner; bh=lcbDLf1ap05hR2W5GnLkKSXasTGzDXyMfHBnNgH8P1E=; b=c9e
	T0l4UOqak6DWkRUDu84CFkpy1Fksio9A/K7wi37OMIS4WguXg4p5a0tbHwOU4wzTiohp7TxCHeXRV
	AfHzld3ZJZ5AVvw/ivER+riF8eolVw5CwDmU5fQeXHUamH+HhpqnubdF81S/j2j2+M8AQ+HAtWShV
	+EixnwT6wEZUr+mENZSJEoz3thW6zdDk/m3kPftQFLfQ9D/5Bl3HQIkBx7sG6zI/Tyj+bIFN1vSBj
	LTtlXA700t2ObjW4B8gHyzH7ArLxl0r4qSfy1lg/aPJ7su7nwCGlg0HV+DCuOPXfJbO5CZwlh8buW
	f5x6wjRlF7pEa2Ac6Y68zJmiO+59V6w==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
	id 1mjGRB-00ClCh-UA; Sat, 06 Nov 2021 07:48:30 +0000
Received: from mail-il1-f200.google.com ([209.85.166.200])
 by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
 id 1mjGR7-00ClCF-6b
 for linux-arm-kernel@lists.infradead.org; Sat, 06 Nov 2021 07:48:26 +0000
Received: by mail-il1-f200.google.com with SMTP id
 r13-20020a92440d000000b002498d6b85c1so7407505ila.5
 for <linux-arm-kernel@lists.infradead.org>;
 Sat, 06 Nov 2021 00:48:23 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:mime-version:date:message-id:subject:from:to;
 bh=oP5cRQOPI+/xIs7PBFAffDqIDfQtcdvc+FI5GhoActE=;
 b=hBrfHuIKesZkZBiysIPADfK/DwE/GkL4n3XCntb/spUfrA75qv6kzCYCtdWHjKtP26
 2Xj2+8D4py9MkUG85zz1QEpoIR4LL0DsTFOCLZe2IHkl/qtr22Xa8DeIS4CfBm9hoM/J
 hK+CINKgkCCVwgT9ytMdshCV+kBQo7/SQ5rZNqHyPcGk/8AD7y/TuboxhfBuTRIJ8o6h
 HfZbWPJybLGZVFeYDX4jBAtd8bWaNV6shZdExzKk9+O9ZZ87nST1MNdENjLLDcUwzNQU
 a3CWxXuU4nvjYcROeF2bVOM26J1fIRJDRWyJ0OkXCWyV5URzBabE086HB27U0hudEsM0
 vs2Q==
X-Gm-Message-State: AOAM53399dg9kKga19lGSuOu0whs+qIqT1pZPfhWkdfWdwLfceD+IO9T
 J4WtREoeT28C+4irkgBty+gAWGOjMdnt9c/XhkYDSo/yq39D
X-Google-Smtp-Source: ABdhPJylrY9XsExJLCxymLRH9d2h1+9A8blaWbJTnOik+nkPLR8JFW4dx/wIIi+2YhXhcZBV2EAQwERzv/I8RPfkLM3VptF3n7Cg
MIME-Version: 1.0
X-Received: by 2002:a05:6e02:219a:: with SMTP id
 j26mr36682087ila.287.1636184903236; 
 Sat, 06 Nov 2021 00:48:23 -0700 (PDT)
Date: Sat, 06 Nov 2021 00:48:23 -0700
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <000000000000f1c1fa05d019fb10@google.com>
Subject: [syzbot] kernel BUG in trans_pgd_create_copy
From: syzbot <syzbot+a0d68c9c9123000ed5ab@syzkaller.appspotmail.com>
To: catalin.marinas@arm.com, james.morse@arm.com, 
 linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, 
 pasha.tatashin@soleen.com, syzkaller-bugs@googlegroups.com, will@kernel.org
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20211106_004825_267396_E40125A2 
X-CRM114-Status: UNSURE (   6.89  )
X-CRM114-Notice: Please train this message.
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Hello,

syzbot found the following issue on:

HEAD commit:    d4439a1189f9 Merge tag 'hsi-for-5.16' of git://git.kernel...
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12b5f782b00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=8eccc5e89b1d525c
dashboard link: https://syzkaller.appspot.com/bug?extid=a0d68c9c9123000ed5ab
compiler:       aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.1
userspace arch: arm

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a0d68c9c9123000ed5ab@syzkaller.appspotmail.com

------------[ cut here ]------------
kernel BUG at arch/arm64/include/asm/pgalloc.h:79!
Internal error: Oops - BUG: 0 [#1] SMP
Modules linked in:
CPU: 0 PID: 12093 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller-10158-gd4439a1189f9 #0
Hardware name: linux,dummy-virt (DT)
pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : pmd_populate_kernel arch/arm64/include/asm/pgalloc.h:79 [inline]
pc : copy_pte arch/arm64/mm/trans_pgd.c:70 [inline]
pc : copy_pmd arch/arm64/mm/trans_pgd.c:105 [inline]
pc : copy_pud arch/arm64/mm/trans_pgd.c:141 [inline]
pc : copy_p4d arch/arm64/mm/trans_pgd.c:167 [inline]
pc : copy_page_tables arch/arm64/mm/trans_pgd.c:186 [inline]
pc : trans_pgd_create_copy+0x5bc/0x7f0 arch/arm64/mm/trans_pgd.c:213
lr : trans_alloc arch/arm64/mm/trans_pgd.c:30 [inline]
lr : copy_pte arch/arm64/mm/trans_pgd.c:67 [inline]
lr : copy_pmd arch/arm64/mm/trans_pgd.c:105 [inline]
lr : copy_pud arch/arm64/mm/trans_pgd.c:141 [inline]
lr : copy_p4d arch/arm64/mm/trans_pgd.c:167 [inline]
lr : copy_page_tables arch/arm64/mm/trans_pgd.c:186 [inline]
lr : trans_pgd_create_copy+0x480/0x7f0 arch/arm64/mm/trans_pgd.c:213
sp : ffff80001b977a60
x29: ffff80001b977a60 x28: 1fffe0000ffff000 x27: ffff800010059c90
x26: ffff00003fffffff x25: ffff000032476000 x24: dfff800000000000
x23: ffff000000200000 x22: ffff80001b977c30 x21: ffff000040000000
x20: ffff00007fff8000 x19: ffff000000000000 x18: fffffbffeff9c3c8
x17: 0000000000000000 x16: 0000000000000000 x15: d503201fd503201f
x14: 1ffff0000372ee30 x13: 0000000000000000 x12: ffff60000648f000
x11: 1fffe0000648efff x10: ffff60000648efff x9 : 0000000000000000
x8 : ffff000032478000 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 0000000000000000 x3 : 0000000000000004
x2 : fffffc0000000000 x1 : ffff800015f1e560 x0 : ffff000032477000
Call trace:
 set_p4d arch/arm64/include/asm/pgtable.h:695 [inline]
 __p4d_populate arch/arm64/include/asm/pgalloc.h:46 [inline]
 p4d_populate arch/arm64/include/asm/pgalloc.h:54 [inline]
 copy_pud arch/arm64/mm/trans_pgd.c:129 [inline]
 copy_p4d arch/arm64/mm/trans_pgd.c:167 [inline]
 copy_page_tables arch/arm64/mm/trans_pgd.c:186 [inline]
 trans_pgd_create_copy+0x5bc/0x7f0 arch/arm64/mm/trans_pgd.c:213
 machine_kexec_post_load+0x178/0x6d0 arch/arm64/kernel/machine_kexec.c:146
 do_kexec_load+0x194/0x520 kernel/kexec.c:155
 __do_compat_sys_kexec_load kernel/kexec.c:292 [inline]
 __se_compat_sys_kexec_load kernel/kexec.c:257 [inline]
 __arm64_compat_sys_kexec_load+0x36c/0x47c kernel/kexec.c:257
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0xc4/0x254 arch/arm64/kernel/syscall.c:142
 do_el0_svc_compat+0x40/0x80 arch/arm64/kernel/syscall.c:187
 el0_svc_compat+0x64/0x280 arch/arm64/kernel/entry-common.c:736
 el0t_32_sync_handler+0x90/0x140 arch/arm64/kernel/entry-common.c:746
 el0t_32_sync+0x1a4/0x1a8 arch/arm64/kernel/entry.S:577
Code: 17fffee0 aa1503e0 97ffdd37 17ffff17 (d4210000) 
---[ end trace a6c0112af29130b0 ]---


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel